We are looking at having spamdyke running on our server (Centos 5 + plesk 10.2) but are worried about having false positives.We do have a configuration file from having used spamdyke a few years ago but that is possibly a little outdated.

Would anyone mind posting their spamdyke configurations so we have something to compare with?

Thanks! Although we still get a similar issue - outlook still can't connect to the smtp now that i have included the config file, here is a copy of the config file:

# This is an example spamdyke configuration file for spamdyke version 4.2.0.## Without editing, this file will do nothing -- every available option is# commented out. To enable options, edit the values and remove the comment# markers at the beginning of the lines (#).## See the README.html file in spamdyke's "documentation" directory for a full# description of each option. The documentation is also available on spamdyke's# website:# http://www.spamdyke.org/

################################################################################# DNS OPTIONS################################################################################# These options should only be used if spamdyke's default behavior is causing# problems.

# Controls the types of queries performed when looking up an IP address.# Available values: a, cname# Default: a + cname#dns-query-type-a=VALUE

# Controls the types of queries performed when looking up a mail exchanger.# Available values: a, cname, mx# Default: a + cname + mx#dns-query-type-mx=VALUE

# Controls the types of queries performed when looking up a reverse DNS record.# Available values: cname, ptr# Default: cname + ptr#dns-query-type-ptr=VALUE

# Controls the types of queries performed when looking up a records in DNS RBLs,# DNS RWLs, DNS RHSBLs and DNS RHSWLs.# Available values: a, cname, txt# Default: a + cname + txt#dns-query-type-rbl=VALUE

################################################################################# REJECTION MESSAGES################################################################################# Append URL to the end of every rejection message sent to the remote server.# Default: nonepolicy-url=http://domain.com/spam-why-blocked

# Use TEXT as the rejection message when a connection is blocked because the# remote server matches a line in an access file that denies access.# Default: "Refused. Access is denied."#rejection-text-access-denied=TEXT

# Use TEXT as the rejection message when authentication fails for any reason.# Default: "Refused. Authentication failed."#rejection-text-auth-failure=TEXT

# Use TEXT as the rejection message when SMTP AUTH is rejected because the# remote server tries to use an unsupported authentication method. This should# never happen.# Default: "Refused. Unknown authentication method."#rejection-text-auth-unknown=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# remote server's IP address is listed on a DNS blacklist. This text will only# be used if the DNS blacklist does not provide a text message and the name of# the DNS blacklist will be appended.# Default: "Refused. Your IP address is listed in the RBL at "#rejection-text-dns-blacklist=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# remote server sent data before the SMTP greeting banner was sent.# Default: "Refused. You are not following the SMTP protocol."#rejection-text-earlytalker=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# remote server has no rDNS name.# Default: "Refused. You have no reverse DNS entry."#rejection-text-empty-rdns=TEXT

# Use TEXT as the rejection message when a recipient is blocked by the graylist# filter.# Default: "Your address has been graylisted. Try again later."#rejection-text-graylist=TEXT

# Use TEXT as the rejection message when a recipient is blocked because it# exactly matches the sender address.# Default: "Refused. Identical sender and recipient addresses are not allowed."#rejection-text-identical-sender-recipient=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# remote server's IP address is listed in a blacklist file or directory.# Default: "Refused. Your IP address is blacklisted."#rejection-text-ip-blacklist=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# remote server's rDNS name contains its IP address and ends in a country code.# Default: "Refused. Your reverse DNS entry contains your IP address and a# country code."#rejection-text-ip-in-cc-rdns=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# sender's rDNS name contains its IP address and a blacklisted keyword.# Default: "Refused. Your reverse DNS entry contains your IP address and a# banned keyword."#rejection-text-ip-in-rdns-keyword-blacklist=TEXT

# Use TEXT as the rejection message when a recipient is blocked because the# recipient address was given with no domain name.# Default: "Improper recipient address. Try supplying a domain name."#rejection-text-local-recipient=TEXT

# Use TEXT as the rejection message when a recipient is blocked because the# maximum number of recipients has been reached.# Default: "Too many recipients. Try the remaining addresses again later."#rejection-text-max-recipients=TEXT

# Use TEXT as the rejection message when a recipient is blocked because the# sender's email domain has no mail exchanger.# Default: "Refused. The domain of your sender address has no mail exchanger# (MX)."#rejection-text-missing-sender-mx=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# remote server's rDNS name is listed in a blacklist file or directory.# Default: "Refused. Your domain name is blacklisted."#rejection-text-rdns-blacklist=TEXT

# Use TEXT as the rejection message when a recipient is blocked because the# recipient's address is listed in a blacklist file.# Default: "Refused. Mail is not being accepted at this address."#rejection-text-recipient-blacklist=TEXT

# Use TEXT as the rejection message when a connection is blocked because all# connections are being rejected.# Default: "Refused. Mail is not being accepted."#rejection-text-reject-all=TEXT

# Use TEXT as the rejection message when a recipient is blocked because the# remote server does not have permission to relay.# Default: "Refused. Sending to remote addresses (relaying) is not allowed."#rejection-text-relaying-denied=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# remote server's rDNS name or the sender's email domain name is listed on a RHS# blacklist. This text will only be used if the RHS blacklist does not provide a# text message and the name of the RHS blacklist will be appended.# Default: "Refused. Your domain name is listed in the RHSBL at "#rejection-text-rhs-blacklist=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# sender's address is listed in a blacklist file.# Default: "Refused. Your sender address has been blacklisted."#rejection-text-sender-blacklist=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# remote server has not authenticated.# Default: "Refused. Authentication is required to send mail."#rejection-text-smtp-auth-required=TEXT

# Use TEXT as the rejection message when a connection times out.# Default: "Timeout. Talk faster next time."#rejection-text-timeout=TEXT

# Use TEXT as the rejection message when a SSL/TLS connection cannot be# negotiated with the remote client.# Default: "Failed to negotiate TLS connection."#rejection-text-tls-failure=TEXT

# Use TEXT as the rejection message when a connection is blocked because the# remote server's rDNS name does not resolve.# Default: "Refused. Your reverse DNS entry does not resolve."#rejection-text-unresolvable-rdns=TEXT

# Use TEXT as the rejection message when a connection is blocked because no valid# recipients have been given.# Default: "Refused. You must specify at least one valid recipient."#rejection-text-zero-recipients=TEXT

Outlook will not be able to use your server to send messages with spamdyke installed IF you are relying on pop-before-relay rather than full username/password authentication.

However, the normal error message to get in that situation would be "relaying denied" rather than what you are getting.

Secondly, with spamdyke installed, it is very likely that customers trying to send email would have general problems. For example their IP is blacklisted. They get greylisted, and so on and so forth.

The normal solution to this is to enable port 587 for smtp in Plesk and make sure anyone who you allow to send email via your server uses that port. They will have to use full smtp authentication to send messages via port 587.

I don't know if any of this will help given the strange error message you were getting.

_________________--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>

We've always found the problem here to be with qmail <-> Outlook rather than anything to do with spamdyke per se, smtp auth in general on port 25 doesn't work at all for us and whilst the system is configured for it it just falls back on to poplocks all the time.

paulie -- Yes! I seem to remember some issue with sending in Outlook. Microsoft changed something in the 2010 version which was when problems started. There's a long thread about it on the Parallels forum from the time when it started.

Now then...what was the solution....Hmm....If I remember correctly it was if you have pop-before-relay enabled then full authentication doesn't work. Or something like that.

Douglas -- try disabling pop-before-relay. I think it might work then (but your customers will all have to do full authentication).

My brain is telling me that at some point there was a change to spamdyke (or the feature was there from the start) and if you do full smtp authentication then no filters are applied if there's a successful login. I may have dreamed this though, and it may not be the case.

If it isn't the case then customers connecting from IPs that are in the blacklists configured for spamdyke will not be able to send AND all customers will be greylisted and therefore unable to send initially. You can solve the latter problem by setting the greylist to 10 seconds initially, or something, then gradually increase it. The former problem......you could whitelist their IPs, maybe?

Anyway, try it and see.

_________________--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>

Who is online

Users browsing this forum: No registered users and 2 guests

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot post attachments in this forum